* Posts by Mike Pellatt

557 publicly visible posts • joined 17 Apr 2007

Page:

Network Rail steps back from geofencing over safety fears

Mike Pellatt

Re: Incoming in 3...2...1...0

I've yet to see "banksman" as a label of the function of anyone working lineside in the (depressingly numerous) RAIB (Rail Accident Investigation Branch) reports into trackside worker injuries and deaths.

Microsoft Publisher books its retirement party for 2026

Mike Pellatt

Re: Scribus

looks like they realised they needed other DNS entries in the SAN (as there's a whole slew of 'em there) but forgot the bare domain name.

Leaked email: Unit4 ERP system leaves some school staff with 'nil pay'

Mike Pellatt

Re: Software is not "the easy part" of systems.

I think you just described Horizon down to a tee there.....

Mike Pellatt

They have form

This is the same council that, in 1997/8, decided it didn't need a new corporate HQ but could stay in County Hall (no longer in the county) and reconfigure the office space there, take on 4 hub office buildings across the county, and do hot-desking.

Small problem, they didn't realise the listing status of the building made the reconfiguration unworkable. And hot desking couldn't work as Highways, Education and Social Services were all on separate networks. Whoops. (I was a councillor, not in the majority party, at the time)

It took them another 20+ years to finally relocate into the county, as recommended by the outgoing administration in 1997.

And they got in a hotshot head of IT who had some weird "dialtone service" slogan for IT.

UK PM promises faster justice for Post Office Horizon victims

Mike Pellatt

Re: Hot air

But of course Windrush is about furriners, especially those of a certain colour, so it matters less to far too many people in the UK.

It's almost as if they're reliving the racism they encountered when they first arrived, and the intervening decades never happened.

Microsoft kills off Windows app installation from the web, again

Mike Pellatt

Re: "from a trusted certification authority"

You've just described, in about 20 paras, why PKI is broken, in this case for code signing, but it's not its only brokenness. By a long chalk.

CEO arranged his own cybersecurity, with predictable results

Mike Pellatt

Re: Unannounced security tests

That's not the purpose of a test phishing campaign. It's to measure the effectiveness of the org's awareness and training policies and procedures.

In that context, I'd expect alerting colleagues to a clearly targeted attack to be part of good security processes.

Bricking it: Do you actually own anything digital?

Mike Pellatt

Re: Same fraud as 'lifetime' guarantee

Until a consumer contacts Money Mail.

Whereupon, all of a sudden, the lucky punter gets their warranty honoured.

Tough tittie if your letter isn't selected for action by the editorial team, though.

What comes after open source? Bruce Perens is working on it

Mike Pellatt

Re: Stop working for them for free.

Microsoft? Highly Innovative?

You're having a giraffe.

MSDOS set the capabilities of desktop computers back 5-10 years. I first said this in the late 1980s, if not earlier.

Attacks abuse Microsoft DHCP to spoof DNS records and steal secrets

Mike Pellatt

Re: Of course this won't be fixed

You mean Entra. Keep up at the back, there, with the constant renaming of Azure stuff and shuffling about in the management portals.

Mike Pellatt

Re: Just say no!

All agreed - bar running DHCP on "the gateway". Keep it behind there, keep the attack surface low on the gateway.

Kea DHCP sever is nice, but got a much steeper learning curve than legacy ISC DHCP. And needs payment for some useful features (resilient duplicate servers included, if memory serves)

Rackspace runs short of Cloud Files storage in LON region

Mike Pellatt

Re: The fallibility of cloud storage ?

Odd. Everything I've been told (well, at least the believable stuff) is that the cloud is simply using someone else's computers.

All the "cloudy" stuff is just a Simple Matter of Programming. And networking.

Will anybody save Linux on Itanium? Absolutely not

Mike Pellatt

Other VLIW systems

Those of us who were around at the time, following comp.arch with utter fascination, remember the Multiflow TRACE - 125 or so sales. The book by Josh Fisher's wife is well worth reading.

Before that, we also followed the massive parallelism of the Thinking Machines range.

Arguably, both architectures suffered from compilers not delivering what was needed/promised.

Bad eIDAS: Europe ready to intercept, spy on your encrypted HTTPS connections

Mike Pellatt

Re: Our chosen leaders...

The results of a few recent by-elections would suggest otherwise.

What is insane is how quickly it all gets forgotten. 1997 only achieved the result expected in 1992 thanks to the "expenses scandal". Anyone remembering that should be entirely unsurprised by the "VIP lane", rules on , external "consultancy", 2nd jobs, employing family members as Parliamentary assistants, etc., etc., being ignored.

Intel's PC chip ship is sinking with Arm-ada on the horizon

Mike Pellatt

Re: So what's the strategy?

"Maybe there's a special course directors have to go on, and as part of that they have any courage, social skills, business acumen, common sense and likeability excised by brain surgery."

That's an MBA, isn't it?

Ask a builder to fix a server and out come the vastly inappropriate power tools

Mike Pellatt

Re: Shocking!

Yabut if you're going to be free of carrying a charge, you need to be a good conductor, not a poor conductor.

Try rubbing a copper pipe and see if you can get a spark off it....

I'll get my coat.

Millions of smart meters will brick it when 2G and 3G turns off

Mike Pellatt

Re: No corruption here.

Oh for the ability to double upvote the Genesis reference there. To a song that's even more apposite now than it was 50 years ago.

Mike Pellatt

Re: No corruption here.

Yeah, you know that. But they don't. And would therefore potentially be liable if you house explodes.

Mike Pellatt

Re: No corruption here.

And, even better, you can turn on loads of equipment, heaters, etc., and open all your windows when you hit a half-hour period with a negative tariff.

That's happened a few times lately on Octopus Agile. And it's not as perverse as it sounds - it can actually cost more to stop some generation systems for a short period and then restart them (think nuclear), so it makes sense to pay (less than it would cost to turn them off) for the output if it being can't go anywhere else (think Dinorwic top lake being full).

Mike Pellatt

Re: No corruption here.

Yeah, I love that sort of sales call.

In the early 1980s I let a double glazing salesdroid into the house. He tried to tell me that most of the dust in the house comes in from outside through gaps in the windows which double glazing would fix.

I did enjoy telling him that most of it would actually be dead cells off our skin, and reducing draughts wouldn't really fix that, would it?

Now, living in a thatched place so we get loads of insects, spider poo becomes quite the issue, too :-). That, and dried mud off the dogs..... No longer living near the M25 does, at least, stop all the dust being stuck together with gluey black stuff from the diesel exhaust PM (OK, that does come in from the outside)

Mike Pellatt

Re: No corruption here.

1997-era could be microbore. Just sayin'.

Neither is 1997 so long ago that those school-style cast iron radiators were the default install.

Progress towards 'Gigabit Europe' is slow, with UK also lagging

Mike Pellatt

Re: "42% of users stated their current internet was sufficient for their needs"

Not covered by the CDS (Connecting -sic- Devon and Somerset) disaster are you, by any chance?

Make-me-root 'Looney Tunables' security hole on Linux needs your attention

Mike Pellatt

Re: re: a buffer overflow vulnerability in the GNU C Library

Mostly because the original design intent for 'C' was to provide a slightly higher level way of writing in assembler. Which is of course more like a thermonuclear weapon than a bottle of nitroglycerine. There are loads of applications written in the language that should have used almost any one, except perhaps Fortran or Basic.

However.... unsurprisingly, it's hard to write 'C' library routines in a language other then 'C'.

Switch to hit the fan as BT begins prep ahead of analog phone sunset

Mike Pellatt

Re: I want to know the equipment...

Or run a SIP client on your mobile

Mike Pellatt

It's the "only" bit that's the problem. The pump to put local water tower apparently tripped out regularly, and most of the village lost their water once the water towe drained.

And then got dirty water for a few hours once it returned.

"Apparently" because I only know this from the village FB group, being on a nice reliable well-filtered and chemical-free (once the leached nitrates are removed) private water supply.....

Mike Pellatt

Re: Are these powered from the DC supply at the switch in the same way as POTS?

It looks very much as if there's no serious power supply resilience at the local mast installed for... the Emergency Services Network.

That's so going to turn out well.

Mike Pellatt

Some of us were in the Dartford/Bexleyheath area when some scrotes set fire to the 132KV line on a cable bridge across the Darent. It was never determined whether it was a suicidal cable theft attempt or just vandalism.

Took best part of 3 days to repair, the DNO were shipping gennies from all across the UK to install in the substations.

The best part was the number of underground cables that popped over the following year or so because they'd got cold and the moisture wasn't being evaporated over that period....

And in a classic horse/stable door event, Proper Security and CCTV were subsequently installed on the cable bridge.

Mike Pellatt

Re: power cuts

Yep, that Lancaster report is a case study in what does and does not work when it comes to resilience. And how a few people thinking ahead and acting creatively can make a lot of difference.

Mike Pellatt

Re: what about my fax machine?

Depends if your line's DACS'ed.

How TCP's congestion control saved the internet

Mike Pellatt

Re: Ah, ATM

And yet ATM survives in all our xDSL connections :-)

Mike Pellatt

Re: The biggest reason for it's success

True except for the competition with ISO. Which did look like it would win through at the time.

We wrote our our own TP4, initially for the Mac, because the commercials for the only other one available just didn't work.

Cisco dumps its Hyperflex hyperconverged infrastructure

Mike Pellatt

Re: Not surprised

And Hyperflex is actually "multivendor", like so much Cisco stuff (I'm looking at you too, Firepower) with a central and critical component coming from M&A activity - in this case, Springpath.

I'm screwed by it's use of NFSv3 which leads to VMs stalling if a snapshot is removed from a different host from the running one. Somewhat screwing Druva backups. Apparently fixed by NFSv4, but the Springpath VMs don't do that.

Won't mourn it's passing

USENET, the OG social network, rises again like a text-only phoenix

Mike Pellatt

Nope, you weren't. 1984, negotiated a feed from IST (Imperial Software Technology). ukc was the main Janet hub. v22 modem, contemplated "midnight line" - a BT thing where you paid a massive line rental but calls were not charged from midnight to 6am, but given it was a local call it didn't make sense. The feed we got fitted on a 60MB drive on the 3b2.

I learnt so much from comp.arch.

Mike Pellatt

Any ISP considering running a news service would, hopefully, visit demon.service where again, hopefully, the history of news.demon.co.uk can still be found

Probably the most "amusing" bit of it's disastrous early years was when the entire news spool got trashed thanks to a firmware bug on every drive in the RAID array, rendering it not at all R.

Microsoft admits slim staff and broken automation contributed to Azure outage

Mike Pellatt

Always

Routinely

Test

Your

Resilient

Infrastructure

to check it is actually, you know, resilient.

UK air traffic woes caused by 'invalid flight plan data'

Mike Pellatt

Re: Expertise

That was the proximate cause of the last NATS major TITSUP

Malware loader lowdown: The big 3 responsible for 80% of attacks so far this year

Mike Pellatt

Re: Point out that this is all semantics

Yeah. And the use of "loader" confused me.

On reading the headline, I thought this was about bootloader malware, but, nope.

Amazon Linux 2023 virtual machine images still MIA

Mike Pellatt

Ah yes, the amusement we had back in the day when all our local had was Courage keg beers, like "Best"

"Pint of Directors please"

"We don't stock that, there's no demand"

rinse & repeat every time we went there.

One of the reasons we only went there on a Sunday evening.

Mike Pellatt

If they had any long-term strategic thinking, they'd realise that enabling hybrid-cloud was exactly what was in their best business interests.

Microsoft makes some certification exams open book

Mike Pellatt

It's the Right Thing

Exams, in general, test the ability to pass exams above an understanding of the subject in question.

In my academic career, up to first degree, in the 60's and early 70's, I sat one open-book exam - one of my final year modules, Electronic Circuit Design.

It was the one and only exam I ever sat that I felt tested my understanding of the subject over my ability to regurgitate facts. I've been boring on about this for the subsequent 50 years, predating the Internet by a little bit.

Of course, to set an exam that does this, the exam setter needs to be highly skilled, but you'd hope that was the case. OK, in this case, it was (then) Dr. (now Prof) Bob Spence, so that definitely applies.

As for vendor quals, don't get me started on them......

Oh, and multiple choice questions. You can game multi-choice far too easily with just a little knowledge - again, unless they're set with a high degree of skill.

Microsoft OneDrive a willing and eager 'ransomware double agent'

Mike Pellatt

This is why relying on OneDrive for your ransomware protection is madness.

Keep the backups well, well away from the Microsoft ecosystem.

CLI-beautifying ANSI escape sequences can also make your log files a security threat

Mike Pellatt

Re: Makes sense to me.

<fx> trots off to see what systemd does.

Mike Pellatt

Re: Old-timer here!

I could, but why should I?

ls should have consistent display across versions. If you want colour, have a flag to turn that on, then expectations don't have to change.

Yep, I know that ship's well and truly sailed.

PS I've been using.*nix so long that grep having grown a -R flag was a comparatively recent discovery.

We will find you and we will sue you, Twitter tells 4 mystery alleged data-scrapers

Mike Pellatt

Re: Profits?

Ah, he's been tutored by Darl McBride.

Whoda' thunk it.

Microsoft puts out Outlook fire, says everything's fine with Teams malware flaw

Mike Pellatt

Re: Windows giant aware of Teams social engineering phishing attack

It wasn't quite such a dumb idea when every password in The Known Universe wasn't out there.

Using the same device for 2FA as the one you're trying to log-in via, though...

Mike Pellatt

Re: Windows giant aware of Teams social engineering phishing attack

Meanwhile, elsewhere in Microsoft, push authentication via Microsoft Authenticator has been enhanced to...... improve its defence to.... social engineering attacks.

Whilst this bit of MS blames users for being vulnerable to them.

What's bunch of d**ks

The number’s up for 999. And 911. And 000. And 111

Mike Pellatt

Re: band-aid fix:

But my back's broken.

Moving 10 feet? Not the brightest idea in the world.

See, every suggestion that someone comes up with to "fix" W3W is worse than the obvious solution of not using it, but using a proper, pre-existing, geolocation system with a public location code generation algorithm

Mike Pellatt

They haven't gone all "NIH" over W3W.

The major issue (OK, one of the major issues) is that the word allocation algorithm is a trade secret.

For a publicly-used geolocation system, that is madness.

Listing those is left as an exercise for the reader.

Page: